With the growth of the Internet and communication technology, more and more information is being exchanged over the Internet. The information includes, but is not limited to, services, applications, and content. Said information includes personal as well as public information associated with a user. In the scenarios where the information communicated over the Internet is personal information, additional care has to be taken for maintaining trustworthiness of users accessing the information and user devices utilized for communication. For communicating the information in a secure environment, various authentication schemes are utilized for authentication of the users accessing such information. For example, in order to access an online banking application, users have to authenticate themselves so as to be able to log-in to the application.
In order to authenticate a user access, applications and services utilize more than one authentication techniques. For instance, various multi-factor authentication techniques are available that may utilize a challenge-response authentication approach. The challenge-response authentication approach refers to a family of protocols wherein one of the parties (also known as a challenger) presents a query, and another party (also known as a respondent) responds to the query. In case the response to the query matches with the ‘expected response’, authentication is assumed to be successful, and the user gets an access to the service/application. An example of challenge-response protocol includes a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) code authentication, where the challenge includes identifying a distorted CAPTCHA code and a valid response includes identifying the text included in the CAPTHCHA code. In certain scenarios, more than one factors for authentication are utilized for authentication. For example, in addition to CAPTCHA, a password authentication, a voice based authentication, and some other factors/forms of authentication can be employed for providing a robust information transmission over the internet. Such authentications involving multiple factors are termed as ‘multi-factor authentication’.
Typically, systems incorporating multi-factor authentication utilize different communication channels to exchange authentication information between the challenger and the respondent. For example, a 3-factor authentication system may make use of an audio or video communication channel for biometric data, a wired or wireless communication channel for passphrase and a wired or wireless communication channel for exchanging tokens. However, the use of multiple communication channels makes the deployment of such multi-factor systems expensive.